Re: [Qemu-devel] [PATCH untested for-4.2] memory: fix race between TCG and accesses to dirty bitmap

From: Paolo Bonzini
Subject: Re: [Qemu-devel] [PATCH untested for-4.2] memory: fix race between TCG and accesses to dirty bitmap
Date: Wed, 7 Aug 2019 16:24:40 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0
On 06/08/19 16:23, Peter Maydell wrote:
> On Mon, 29 Jul 2019 at 22:47, Paolo Bonzini <address@hidden> wrote:
>>
>> The race is as follows:
>>
>> vCPU thread                  reader thread
>> -----------------------      -----------------------
>> TLB check -> slow path
>>   notdirty_mem_write
>>     write to RAM
>>     set dirty flag
>>                              clear dirty flag
>> TLB check -> fast path
>>                              read memory
>>   write to RAM
>>
>> and the second write is missed by the reader.
>>
>> Fortunately, in order to fix it, no change is required to the
>> vCPU thread. However, the reader thread must delay the read after
>> the vCPU thread has finished the write. This can be approximated
>> conservatively by run_on_cpu, which waits for the end of the current
>> translation block.
>>
>> A similar technique is used by KVM, which has to do a synchronous TLB
>> flush after doing a test-and-clear of the dirty-page flags.
>>
>> Reported-by: Dr. David Alan Gilbert <address@hidden>
>> Signed-off-by: Paolo Bonzini <address@hidden>
>> ---
>> I tested this some time ago, and enough has changed that I don't
>> really trust those old results. Nevertheless, I am throwing out
>> the patch so that it is not forgotten.
>
> This patch looks almost the same (maybe identical except for the
> commit message title?) as the patch "memory: introduce
> memory_global_after_dirty_log_sync" which you sent out at almost
> the same time as this one. Which patch should we be reviewing?
Yes, it's the same except for the commit message title. I forgot a "-1"
after editing the .patch file.
Paolo
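To make the interleaving in the quoted patch description concrete, here is an added C model of the race; it is a constructed illustration, not QEMU code or the patch itself. It assumes one guest page, one dirty-bitmap bit and one TLB entry whose flags the vCPU refreshes only at translation-block boundaries, and that the reader's test-and-clear of the dirty bit also re-arms that TLB entry; all names (`vcpu_store`, `reader_consistent`, ...) are hypothetical.

```c
#include <stdbool.h>
/* Constructed model of the race in the patch description: one guest page, one
 * dirty-bitmap bit, one TLB entry.  Not QEMU code; names are hypothetical. */
enum { TLB_NOTDIRTY = 1 };
struct model {
    int  ram;           /* contents of the guest page */
    bool dirty_bit;     /* dirty-bitmap bit for that page */
    int  tlb_flags;     /* TLB entry flags as stored in memory */
    int  tb_tlb_flags;  /* flags the vCPU loaded when its current TB began */
    int  reader_copy;   /* what the reader last copied out of RAM */
};

/* vCPU store.  With TLB_NOTDIRTY set it takes the notdirty_mem_write slow path:
 * write, set the dirty bit, clear TLB_NOTDIRTY so later stores in this TB use
 * the fast path.  Otherwise it is a plain fast-path write. */
static void vcpu_store(struct model *m, int value)
{
    m->ram = value;
    if (m->tb_tlb_flags & TLB_NOTDIRTY) {
        m->dirty_bit = true;
        m->tlb_flags &= ~TLB_NOTDIRTY;
        m->tb_tlb_flags = m->tlb_flags;
    }
}

/* Assumption: the vCPU re-reads the TLB entry, and so notices the reader
 * re-arming it, only at a translation-block boundary. */
static void vcpu_tb_end(struct model *m) { m->tb_tlb_flags = m->tlb_flags; }

/* Reader: test-and-clear of the dirty bit, which also re-arms the TLB entry. */
static void reader_sync_dirty(struct model *m) { m->dirty_bit = false; m->tlb_flags |= TLB_NOTDIRTY; }

/* Replays the interleaving from the mail.  With wait_for_tb the reader delays
 * its read until the vCPU's TB has ended (what run_on_cpu achieves).  Returns
 * false when the reader's copy is stale and the page is no longer marked
 * dirty, i.e. the second write was lost to the reader. */
bool reader_consistent(bool wait_for_tb)
{
    struct model m = { .tlb_flags = TLB_NOTDIRTY, .tb_tlb_flags = TLB_NOTDIRTY };
    vcpu_store(&m, 1);            /* slow path: dirty bit set */
    reader_sync_dirty(&m);        /* dirty bit cleared */
    if (!wait_for_tb)
        m.reader_copy = m.ram;    /* reads 1 */
    vcpu_store(&m, 2);            /* fast path: TB still sees the cleared flag */
    vcpu_tb_end(&m);
    if (wait_for_tb)
        m.reader_copy = m.ram;    /* reads 2 */
    return m.reader_copy == m.ram || m.dirty_bit;
}
```

With `wait_for_tb` false the reader copies 1 while RAM ends at 2 with the dirty bit clear, which is the lost write; with it true the read lands after the TB and sees 2.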